Legal claims defining the scope of protection, as filed with the USPTO.
1. An information processing apparatus for performing run-time alteration detection for an execution module based on a white list, the information processing apparatus comprising: one or more processors; and at least one memory storing executable instructions, which when executed by the one or more processors, cause the information processing apparatus to: receive a request for executing the execution module; detect, as first alteration detection, an alteration of the white list; detect, as second alteration detection, an alteration of an execution module which is requested to be executed, by using a white list determined to have no alteration by the first alteration detection; and deactivate a system of the information processing apparatus if an alteration is detected by the second alteration detection and a current activation mode of the information processing apparatus is identical to an activation mode related to the execution module which is requested to be executed, and inhibit execution of the execution module which is requested to be executed if the alteration is detected by the second alteration detection and the current activation mode of the information processing apparatus is not identical to the activation mode related to the execution module which is requested to be executed.
2. The information processing apparatus according to claim 1, wherein the executable instructions, when executed by the one or more processors, further cause the information processing apparatus to: in a case where the white list is determined to have an alteration by the first alteration detection, select and control whether to deactivate the system of the information processing apparatus or to inhibit only execution of the execution module which is requested to be executed, depending on a storage area of the white list.
3. An information processing apparatus for performing run-time alteration detection for an execution module based on a white list, the information processing apparatus comprising: one or more processors; and at least one memory storing executable instructions, which when executed by the one or more processors, cause the information processing apparatus to: receive a request for executing the execution module; detect, as first alteration detection, an alteration of the white list; detect, as second alteration detection, an alteration of an execution module which is requested to be executed, by using a white list determined to have no alteration by the first alteration detection; deactivate a system of the information processing apparatus if an alteration is detected by the second alteration detection and a current activation mode of the information processing apparatus is identical to an activation mode related to the execution module which is requested to be executed, and inhibit execution of the execution module which is requested to be executed if the alteration is detected by the second alteration detection and the current activation mode of the information processing apparatus is not identical to the activation mode related to the execution module which is requested to be executed; and upon detection of an alteration of the white list by the first alteration detection, regenerate the white list by confirming whether the information processing apparatus is normal.
4. The information processing apparatus according to claim 3, wherein the executable instructions, when executed by the one or more processors, further cause the information processing apparatus to: in a case where the information processing apparatus is determined to be normal, regenerate a white list, and in a case where the information processing apparatus is determined to be abnormal, deactivate the system of the information processing apparatus or inhibit only execution of the execution module which is requested to be executed.
5. The information processing apparatus according to claim 3, wherein the executable instructions, when executed by the one or more processors, further cause the information processing apparatus to: confirm whether the information processing apparatus is normal by confirming a log file recording an alteration detected by the first alteration detection or the second alteration detection.
6. The information processing apparatus according to claim 3, wherein the executable instructions, when executed by the one or more processors, further cause the information processing apparatus to: confirm whether the information processing apparatus is normal by detecting an alteration of modules sequentially activated during activation of the information processing apparatus.
7. The information processing apparatus according to claim 3, further comprising: a Trusted Platform Module (TPM) as a tamper-resistant security chip, wherein the executable instructions, when executed by the one or more processors, further cause the information processing apparatus to: confirm whether the information processing apparatus is normal by verifying hash values of modules sequentially activated during activation of the information processing apparatus, by using an external server, the hash values being stored in the TPM.
8. The information processing apparatus according to claim 3, wherein the executable instructions, when executed by the one or more processors, further cause the information processing apparatus to: select a usable method out of a log confirmation, an activation-time verification, and a device certification; and use the selected method to confirm whether the information processing apparatus is normal.
9. An information processing method provided with an information processing apparatus for performing run-time alteration detection for an execution module based on a white list, the information processing method comprising: receiving a request for executing the execution module; detecting, as first alteration detection, an alteration of the white list; detecting, as second alteration detection, an alteration of an execution module which is requested to be executed, by using a white list determined to have no alteration by the first alteration detection; and deactivating a system of the information processing apparatus if an alteration is detected by the second alteration detection and a current activation mode of the information processing apparatus is identical to an activation mode related to the execution module which is requested to be executed, and inhibiting execution of the execution module which is requested to be executed if the alteration is detected by the second alteration detection and the current activation mode of the information processing apparatus is not identical to the activation mode related to the execution module which is requested to be executed.
10. An information processing method provided with an information processing apparatus for performing run-time alteration detection for an execution module based on a white list, the information processing method comprising: receiving a request for executing the execution module; detecting, as first alteration detection, an alteration of the white list; detecting, as second alteration detection, an alteration of an execution module which is requested to be executed, by using a white list determined to have no alteration by the first alteration detection; deactivating a system of the information processing apparatus if an alteration is detected by the second alteration detection and a current activation mode of the information processing apparatus is identical to an activation mode related to the execution module which is requested to be executed, and inhibiting execution of the execution module which is requested to be executed if the alteration is detected by the second alteration detection and the current activation mode of the information processing apparatus is not identical to the activation mode related to the execution module which is requested to be executed; and regenerating, as white list generation, upon detection of an alteration of the white list by the first alteration detection, the white list by confirming whether the information processing apparatus is normal.
11. A non-transitory storage medium storing a program causing a computer to execute an information processing method, the method comprising: receiving a request for executing an execution module; detecting, as first alteration detection, an alteration of a white list; detecting, as second alteration detection, an alteration of an execution module which is requested to be executed, by using a white list determined to have no alteration by the first alteration detection; and deactivating a system of the information processing apparatus if an alteration is detected by the second alteration detection and a current activation mode of the information processing apparatus is identical to an activation mode related to the execution module which is requested to be executed, and inhibiting execution of the execution module which is requested to be executed if the alteration is detected by the second alteration detection and the current activation mode of the information processing apparatus is not identical to the activation mode related to the execution module which is requested to be executed.
12. A non-transitory storage medium storing a program causing a computer to execute an information processing method, the method comprising: receiving a request for executing an execution module; detecting, as first alteration detection, an alteration of a white list; detecting, as second alteration detection, an alteration of an execution module which is requested to be executed, by using a white list determined to have no alteration by the first alteration detection; deactivating a system of the information processing apparatus if an alteration is detected by the second alteration detection and a current activation mode of the information processing apparatus is identical to an activation mode related to the execution module which is requested to be executed, and inhibiting execution of the execution module which is requested to be executed if the alteration is detected by the second alteration detection and the current activation mode of the information processing apparatus is not identical to the activation mode related to the execution module which is requested to be executed; and regenerating, as white list generation, upon detection of an alteration of the white list by the first alteration detection, the white list by confirming whether the information processing apparatus is normal.
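The decision flow recited in claims 1, 3 and 4, written out as an added Python example; it is not code from the patent or its applicant. Assumptions not found in the claims: an HMAC-SHA-256 tag serves as the first alteration detection, SHA-256 digests as the second, the activation modes are named "normal" and "update", unlisted modules are refused, an abnormal device is deactivated (claim 4 permits either response), and all function names and sample data are constructed.

```python
import hashlib
import hmac
from enum import Enum

class Action(Enum):
    ALLOW = "allow"
    INHIBIT = "inhibit execution"
    DEACTIVATE = "deactivate system"
    REGENERATE = "regenerate white list"

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def seal(white_list: dict, key: bytes) -> str:
    """Integrity tag over a canonical form of the white list (HMAC is an assumption)."""
    body = "\n".join(f"{n}|{m}|{h}" for n, (m, h) in sorted(white_list.items()))
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def on_exec_request(name, image, white_list, tag, key, current_mode, device_is_normal):
    # First alteration detection: is the white list itself intact?
    if not hmac.compare_digest(seal(white_list, key), tag):
        # Claims 3-4: regenerate only after the device is confirmed normal.
        return Action.REGENERATE if device_is_normal() else Action.DEACTIVATE
    entry = white_list.get(name)
    if entry is None:
        return Action.INHIBIT  # assumption: unlisted modules are refused
    module_mode, expected = entry
    # Second alteration detection, using only the verified white list.
    if hmac.compare_digest(sha256_hex(image), expected):
        return Action.ALLOW
    # Altered module: the response depends on the activation mode (claim 1).
    return Action.DEACTIVATE if module_mode == current_mode else Action.INHIBIT

# Constructed sample data: two modules, each tied to one activation mode.
KEY = b"constructed-demo-key"
GOOD = {"printd": b"\x7fELF printd v1", "updater": b"\x7fELF updater v1"}
WHITE_LIST = {
    "printd": ("normal", sha256_hex(GOOD["printd"])),
    "updater": ("update", sha256_hex(GOOD["updater"])),
}
TAG = seal(WHITE_LIST, KEY)

if __name__ == "__main__":
    tampered = GOOD["updater"] + b"!"
    for mode in ("normal", "update"):
        print(mode, on_exec_request("updater", tampered, WHITE_LIST, TAG, KEY, mode, lambda: True))
```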
March 8, 2022